Regardless of whether you're using AcuServer's built-in security or the LOGON form of Windows NT security, defining passwords in the access records of your AcuAccess file can be very useful.
If you are using the LOGON form of Windows NT security, defining the password field to hold the user's current Windows NT domain password can make the login process transparent. When a requester initiates a connection to AcuServer, AcuServer uses the value of the requester's password field, if defined, to log the requester onto the Windows NT domain. If the password is not valid or the field is empty, the user is prompted to enter a password. Note that the NAMED-PIPE form of Windows NT security does not use the password field. See NT_SECURITY in section 4.2.2 for more information.
If you are using AcuServer's system security, you can use passwords to achieve added security. When a password is assigned to an entry in the server access file, requesters who match that entry must return a matching password to AcuServer. The client application has two options for acquiring and sending a password back to AcuServer:
Option one: program variable
The requesting application may include code which checks for the program variable Acu_Client_Password. If defined, its value is considered an unencrypted password which is then encrypted and sent to AcuServer for verification. If the value does not match the value in the access record, the connection is refused. Using Acu_Client_Password, the COBOL programmer has a great deal of flexibility in setting and acquiring the password. Using Acu_Client_Password, the programmer can supply a password to AcuServer without requiring any user interaction (the user may remain unaware that a password is required).
To use Acu_Client_Password, declare an external pic X variable named Acu_Client_Password in Working-Storage.
ACU_CLIENT_PASSWORD PIC X(8) IS EXTERNAL
Assign (MOVE) a value to the variable before the program's first access to a remote file (or better, before the program's first access to any file).
Option two: user-entered password
If Acu_Client_Password is not defined, the client runtime will open a dialog window requesting that the user enter a password.
A password is required to connect to host hostname. Please enter a password:
The user must enter a password. The characters do not echo on the screen.
The password is then encrypted and sent to the server for verification. If the password matches, a connection is established. If the password doesn't match, the user is prompted again to enter a password.
Invalid password Please enter a password:
The password verification cycle is repeated until a valid password is entered, or the value of the server configuration variable PASSWORD_ATTEMPTS is exceeded (the default value is three).
The text displayed by the runtime to prompt for a password and report a failed verification can be modified with the TEXT runtime configuration variable (see section 4.2.1 Runtime Configuration Variables).